diff options
48 files changed, 428 insertions, 146 deletions
@@ -1,5 +1,57 @@ 2000-06-26 Greg McGary <greg@mcgary.org> + * sysdeps/i386/add_n.S: Wrap entry-point symbol in BP_SYM (). + Check bounds of arguments. + * sysdeps/i386/addmul_1.S: Likewise. + * sysdeps/i386/lshift.S: Likewise. + * sysdeps/i386/mul_1.S: Likewise. + * sysdeps/i386/rshift.S: Likewise. + * sysdeps/i386/sub_n.S: Likewise. + * sysdeps/i386/submul_1.S: Likewise. + * sysdeps/i386/i586/add_n.S: Likewise. + * sysdeps/i386/i586/addmul_1.S: Likewise. + * sysdeps/i386/i586/lshift.S: Likewise. + * sysdeps/i386/i586/rshift.S: Likewise. + * sysdeps/i386/i586/sub_n.S: Likewise. + * sysdeps/i386/i686/add_n.S: Likewise. + + * sysdeps/i386/memchr.S: Likewise. + * sysdeps/i386/memcmp.S: Likewise. + * sysdeps/i386/rawmemchr.S: Likewise. + * sysdeps/i386/i586/bzero.S: Likewise. + * sysdeps/i386/i586/memcpy.S: Likewise. + * sysdeps/i386/i586/mempcpy.S: Likewise. + * sysdeps/i386/i586/memset.S: Likewise. + * sysdeps/i386/i686/bzero.S: Likewise. + * sysdeps/i386/i686/memcpy.S: Likewise. + * sysdeps/i386/i686/mempcpy.S: Likewise. + * sysdeps/i386/i686/memset.S: Likewise. + + * sysdeps/i386/stpcpy.S: Likewise. + * sysdeps/i386/stpncpy.S: Likewise. + * sysdeps/i386/strchr.S: Likewise. + * sysdeps/i386/strchrnul.S: Likewise. + * sysdeps/i386/strcspn.S: Likewise. + * sysdeps/i386/strpbrk.S: Likewise. + * sysdeps/i386/strrchr.S: Likewise. + * sysdeps/i386/strspn.S: Likewise. + * sysdeps/i386/strtok.S: Likewise. + * sysdeps/i386/strtok_r.S: Likewise. + * sysdeps/i386/i486/strcat.S: Likewise. + * sysdeps/i386/i486/strlen.S: Likewise. + * sysdeps/i386/i586/strchr.S: Likewise. + * sysdeps/i386/i586/strcpy.S: Likewise. + * sysdeps/i386/i586/strlen.S: Likewise. + * sysdeps/i386/i686/strcmp.S: Likewise. + * sysdeps/i386/i686/strtok.S: Likewise. + * sysdeps/i386/i686/strtok_r.S: Likewise. + + * sysdeps/i386/fpu/fegetenv.c: Wrap symbol names with BP_SYM (). + * sysdeps/i386/fpu/fesetenv.c: Likewise. + * sysdeps/i386/fpu/feupdateenv.c: Likewise. + * sysdeps/i386/fpu/fgetexcptflg.c: Likewise. + * sysdeps/i386/fpu/fsetexcptflg.c: Likewise. + * sysdeps/i386/addmul_1.S: Exchange roles of %ebp and %ebx. * sysdeps/i386/mul_1.S: Likewise. * sysdeps/i386/submul_1.S: Likewise. diff --git a/sysdeps/i386/add_n.S b/sysdeps/i386/add_n.S index edd2e852fd..31f3822516 100644 --- a/sysdeps/i386/add_n.S +++ b/sysdeps/i386/add_n.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+8 /* space for 2 saved regs */ @@ -29,7 +30,7 @@ #define SIZE S2+PTR_SIZE .text -ENTRY(__mpn_add_n) +ENTRY (BP_SYM (__mpn_add_n)) ENTER pushl %edi @@ -39,7 +40,13 @@ ENTRY(__mpn_add_n) movl S1(%esp),%esi movl S2(%esp),%edx movl SIZE(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %ecx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%edx, S2(%esp), %ecx) + shrl $2, %ecx +#endif movl %ecx,%eax shrl $3,%ecx /* compute count for unrolled loop */ negl %eax @@ -103,4 +110,4 @@ L(oop): movl (%esi),%eax LEAVE ret -END(__mpn_add_n) +END (BP_SYM (__mpn_add_n)) diff --git a/sysdeps/i386/addmul_1.S b/sysdeps/i386/addmul_1.S index a028944b5c..47c875d26d 100644 --- a/sysdeps/i386/addmul_1.S +++ b/sysdeps/i386/addmul_1.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -34,7 +35,7 @@ #define s2_limb ebx .text -ENTRY(__mpn_addmul_1) +ENTRY (BP_SYM (__mpn_addmul_1)) ENTER pushl %edi @@ -46,7 +47,13 @@ ENTRY(__mpn_addmul_1) movl S1(%esp), %s1_ptr movl SIZE(%esp), %sizeP movl S2LIMB(%esp), %s2_limb - +#if __BOUNDED_POINTERS__ + shll $2, %sizeP /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%res_ptr, RES(%esp), %sizeP) + CHECK_BOUNDS_BOTH_WIDE (%s1_ptr, S1(%esp), %sizeP) + CHECK_BOUNDS_BOTH_WIDE (%s2_limb, S2LIMB(%esp), %sizeP) + shrl $2, %sizeP +#endif leal (%res_ptr,%sizeP,4), %res_ptr leal (%s1_ptr,%sizeP,4), %s1_ptr negl %sizeP @@ -72,4 +79,4 @@ L(oop): LEAVE ret -END(__mpn_addmul_1) +END (BP_SYM (__mpn_addmul_1)) diff --git a/sysdeps/i386/fpu/fegetenv.c b/sysdeps/i386/fpu/fegetenv.c index 0c0f839c3d..22a675eaca 100644 --- a/sysdeps/i386/fpu/fegetenv.c +++ b/sysdeps/i386/fpu/fegetenv.c @@ -19,6 +19,7 @@ Boston, MA 02111-1307, USA. */ #include <fenv.h> +#include <bp-sym.h> int __fegetenv (fenv_t *envp) @@ -29,5 +30,5 @@ __fegetenv (fenv_t *envp) return 0; } strong_alias (__fegetenv, __old_fegetenv) -symbol_version (__old_fegetenv, fegetenv, GLIBC_2.1); -default_symbol_version (__fegetenv, fegetenv, GLIBC_2.2); +symbol_version (BP_SYM (__old_fegetenv), BP_SYM (fegetenv), GLIBC_2.1); +default_symbol_version (BP_SYM (__fegetenv), BP_SYM (fegetenv), GLIBC_2.2); diff --git a/sysdeps/i386/fpu/fesetenv.c b/sysdeps/i386/fpu/fesetenv.c index 70d20431c5..8c2cceef77 100644 --- a/sysdeps/i386/fpu/fesetenv.c +++ b/sysdeps/i386/fpu/fesetenv.c @@ -19,8 +19,8 @@ Boston, MA 02111-1307, USA. */ #include <fenv.h> - #include <assert.h> +#include <bp-sym.h> int @@ -78,5 +78,5 @@ __fesetenv (const fenv_t *envp) return 0; } strong_alias (__fesetenv, __old_fesetenv) -symbol_version (__old_fesetenv, fesetenv, GLIBC_2.1); -default_symbol_version (__fesetenv, fesetenv, GLIBC_2.2); +symbol_version (BP_SYM (__old_fesetenv), BP_SYM (fesetenv), GLIBC_2.1); +default_symbol_version (BP_SYM (__fesetenv), BP_SYM (fesetenv), GLIBC_2.2); diff --git a/sysdeps/i386/fpu/feupdateenv.c b/sysdeps/i386/fpu/feupdateenv.c index 3acd726ea0..838d381ccc 100644 --- a/sysdeps/i386/fpu/feupdateenv.c +++ b/sysdeps/i386/fpu/feupdateenv.c @@ -19,6 +19,7 @@ Boston, MA 02111-1307, USA. */ #include <fenv.h> +#include <bp-sym.h> int __feupdateenv (const fenv_t *envp) @@ -41,5 +42,5 @@ __feupdateenv (const fenv_t *envp) return 0; } strong_alias (__feupdateenv, __old_feupdateenv) -symbol_version (__old_feupdateenv, feupdateenv, GLIBC_2.1); -default_symbol_version (__feupdateenv, feupdateenv, GLIBC_2.2); +symbol_version (BP_SYM (__old_feupdateenv), BP_SYM (feupdateenv), GLIBC_2.1); +default_symbol_version (BP_SYM (__feupdateenv), BP_SYM (feupdateenv), GLIBC_2.2); diff --git a/sysdeps/i386/fpu/fgetexcptflg.c b/sysdeps/i386/fpu/fgetexcptflg.c index b173afd2b3..dfa3c3434f 100644 --- a/sysdeps/i386/fpu/fgetexcptflg.c +++ b/sysdeps/i386/fpu/fgetexcptflg.c @@ -19,6 +19,7 @@ Boston, MA 02111-1307, USA. */ #include <fenv.h> +#include <bp-sym.h> int __fegetexceptflag (fexcept_t *flagp, int excepts) @@ -34,5 +35,5 @@ __fegetexceptflag (fexcept_t *flagp, int excepts) return 0; } strong_alias (__fegetexceptflag, __old_fegetexceptflag) -symbol_version (__old_fegetexceptflag, fegetexceptflag, GLIBC_2.1); -default_symbol_version (__fegetexceptflag, fegetexceptflag, GLIBC_2.2); +symbol_version (BP_SYM (__old_fegetexceptflag), BP_SYM (fegetexceptflag), GLIBC_2.1); +default_symbol_version (BP_SYM (__fegetexceptflag), BP_SYM (fegetexceptflag), GLIBC_2.2); diff --git a/sysdeps/i386/fpu/fsetexcptflg.c b/sysdeps/i386/fpu/fsetexcptflg.c index 6c196fb273..da5adce026 100644 --- a/sysdeps/i386/fpu/fsetexcptflg.c +++ b/sysdeps/i386/fpu/fsetexcptflg.c @@ -20,6 +20,7 @@ #include <fenv.h> #include <math.h> +#include <bp-sym.h> int __fesetexceptflag (const fexcept_t *flagp, int excepts) @@ -42,5 +43,5 @@ __fesetexceptflag (const fexcept_t *flagp, int excepts) return 0; } strong_alias (__fesetexceptflag, __old_fesetexceptflag) -symbol_version (__old_fesetexceptflag, fesetexceptflag, GLIBC_2.1); -default_symbol_version (__fesetexceptflag, fesetexceptflag, GLIBC_2.2); +symbol_version (BP_SYM (__old_fesetexceptflag), BP_SYM (fesetexceptflag), GLIBC_2.1); +default_symbol_version (BP_SYM (__fesetexceptflag), BP_SYM (fesetexceptflag), GLIBC_2.2); diff --git a/sysdeps/i386/i486/strcat.S b/sysdeps/i386/i486/strcat.S index c4ab170389..a37511f1c8 100644 --- a/sysdeps/i386/i486/strcat.S +++ b/sysdeps/i386/i486/strcat.S @@ -22,6 +22,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -30,13 +31,15 @@ #define SRC DEST+PTR_SIZE .text -ENTRY (strcat) +ENTRY (BP_SYM (strcat)) ENTER pushl %edi /* Save callee-safe register. */ movl DEST(%esp), %edx movl SRC(%esp), %ecx + CHECK_BOUNDS_LOW (%edx, DEST(%esp)) + CHECK_BOUNDS_LOW (%ecx, SRC(%esp)) testb $0xff, (%ecx) /* Is source string empty? */ jz L(8) /* yes => return */ @@ -256,9 +259,11 @@ L(9): movb %al, (%ecx,%edx) /* store first byte of last word */ movb %ah, 3(%ecx,%edx) /* store fourth byte of last word */ -L(8): movl DEST(%esp), %eax /* start address of destination is result */ +L(8): /* GKM FIXME: check high bounds */ + movl DEST(%esp), %eax /* start address of destination is result */ + RETURN_BOUNDED_POINTER (DEST(%esp)) popl %edi /* restore saved register */ LEAVE RET_PTR -END (strcat) +END (BP_SYM (strcat)) diff --git a/sysdeps/i386/i486/strlen.S b/sysdeps/i386/i486/strlen.S index d19a3457cf..6c3eba8ad7 100644 --- a/sysdeps/i386/i486/strlen.S +++ b/sysdeps/i386/i486/strlen.S @@ -21,16 +21,18 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ #define STR PARMS .text -ENTRY (strlen) +ENTRY (BP_SYM (strlen)) ENTER movl STR(%esp), %ecx + CHECK_BOUNDS_LOW (%ecx, STR(%esp)) movl %ecx, %eax /* duplicate it */ andl $3, %ecx /* mask alignment bits */ @@ -128,8 +130,9 @@ L(3): testb %cl, %cl /* is first byte NUL? */ jz L(2) /* yes => return pointer */ incl %eax /* increment pointer */ -L(2): subl STR(%esp), %eax /* compute difference to string start */ +L(2): CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + subl STR(%esp), %eax /* compute difference to string start */ LEAVE ret -END (strlen) +END (BP_SYM (strlen)) diff --git a/sysdeps/i386/i586/add_n.S b/sysdeps/i386/i586/add_n.S index 7e30cac729..6ed5055bf4 100644 --- a/sysdeps/i386/i586/add_n.S +++ b/sysdeps/i386/i586/add_n.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -29,7 +30,7 @@ #define SIZE S2+PTR_SIZE .text -ENTRY(__mpn_add_n) +ENTRY (BP_SYM (__mpn_add_n)) ENTER pushl %edi @@ -41,7 +42,13 @@ ENTRY(__mpn_add_n) movl S1(%esp),%esi movl S2(%esp),%ebx movl SIZE(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %ecx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%ebx, S2(%esp), %ecx) + shrl $2, %ecx +#endif movl (%ebx),%ebp decl %ecx @@ -127,4 +134,4 @@ L(end2): LEAVE ret -END(__mpn_add_n) +END (BP_SYM (__mpn_add_n)) diff --git a/sysdeps/i386/i586/addmul_1.S b/sysdeps/i386/i586/addmul_1.S index 06cdbe1c6d..2cc17ddf90 100644 --- a/sysdeps/i386/i586/addmul_1.S +++ b/sysdeps/i386/i586/addmul_1.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -34,7 +35,7 @@ #define s2_limb ebx .text -ENTRY(__mpn_addmul_1) +ENTRY (BP_SYM (__mpn_addmul_1)) ENTER pushl %edi @@ -46,7 +47,13 @@ ENTRY(__mpn_addmul_1) movl S1(%esp), %s1_ptr movl SIZE(%esp), %size movl S2LIMB(%esp), %s2_limb - +#if __BOUNDED_POINTERS__ + shll $2, %size /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%res_ptr, RES(%esp), %size) + CHECK_BOUNDS_BOTH_WIDE (%s1_ptr, S1(%esp), %size) + CHECK_BOUNDS_BOTH_WIDE (%s2_limb, S2LIMB(%esp), %size) + shrl $2, %size +#endif leal (%res_ptr,%size,4), %res_ptr leal (%s1_ptr,%size,4), %s1_ptr negl %size @@ -80,4 +87,4 @@ L(oop): adcl $0, %ebp LEAVE ret #undef size -END(__mpn_addmul_1) +END (BP_SYM (__mpn_addmul_1)) diff --git a/sysdeps/i386/i586/bzero.S b/sysdeps/i386/i586/bzero.S index 84d2f709c1..220aa47c3f 100644 --- a/sysdeps/i386/i586/bzero.S +++ b/sysdeps/i386/i586/bzero.S @@ -1,3 +1,3 @@ #define memset __bzero #include <sysdeps/i386/i586/memset.S> -weak_alias (__bzero, bzero) +weak_alias (BP_SYM (__bzero), BP_SYM (bzero)) diff --git a/sysdeps/i386/i586/lshift.S b/sysdeps/i386/i586/lshift.S index 2a44150377..5d753b0bb3 100644 --- a/sysdeps/i386/i586/lshift.S +++ b/sysdeps/i386/i586/lshift.S @@ -19,6 +19,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -28,7 +29,7 @@ #define CNT SIZE+4 .text -ENTRY(__mpn_lshift) +ENTRY (BP_SYM (__mpn_lshift)) ENTER pushl %edi @@ -40,6 +41,12 @@ ENTRY(__mpn_lshift) movl S(%esp),%esi movl SIZE(%esp),%ebx movl CNT(%esp),%ecx +#if __BOUNDED_POINTERS__ + shll $2, %ebx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ebx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S(%esp), %ebx) + shrl $2, %ebx +#endif /* We can use faster code for shift-by-1 under certain conditions. */ cmp $1,%ecx @@ -222,4 +229,4 @@ L(L1): movl %edx,(%edi) /* store last limb */ LEAVE ret -END(__mpn_lshift) +END (BP_SYM (__mpn_lshift)) diff --git a/sysdeps/i386/i586/memcpy.S b/sysdeps/i386/i586/memcpy.S index ed35b48ff6..514f82e883 100644 --- a/sysdeps/i386/i586/memcpy.S +++ b/sysdeps/i386/i586/memcpy.S @@ -20,6 +20,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* BEWARE: `#ifdef memcpy' means that memcpy is redefined as `mempcpy', @@ -34,7 +35,7 @@ #define LEN SRC+PTR_SIZE .text -ENTRY (memcpy) +ENTRY (BP_SYM (memcpy)) ENTER pushl %edi @@ -43,6 +44,8 @@ ENTRY (memcpy) movl DEST(%esp), %edi movl SRC(%esp), %esi movl LEN(%esp), %ecx + CHECK_BOUNDS_BOTH_WIDE (%edi, DEST(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, SRC(%esp), %ecx) movl %edi, %eax /* We need this in any case. */ @@ -112,4 +115,4 @@ L(1): rep; movsb LEAVE RET_PTR -END (memcpy) +END (BP_SYM (memcpy)) diff --git a/sysdeps/i386/i586/mempcpy.S b/sysdeps/i386/i586/mempcpy.S index 03dc0789da..d4611c2a6f 100644 --- a/sysdeps/i386/i586/mempcpy.S +++ b/sysdeps/i386/i586/mempcpy.S @@ -1,4 +1,4 @@ #define memcpy __mempcpy #include <sysdeps/i386/i586/memcpy.S> -weak_alias (__mempcpy, mempcpy) +weak_alias (BP_SYM (__mempcpy), BP_SYM (mempcpy)) diff --git a/sysdeps/i386/i586/memset.S b/sysdeps/i386/i586/memset.S index 8b292e92fa..931832b566 100644 --- a/sysdeps/i386/i586/memset.S +++ b/sysdeps/i386/i586/memset.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* BEWARE: `#ifdef memset' means that memset is redefined as `bzero' */ @@ -37,18 +38,18 @@ #endif .text -ENTRY (memset) +ENTRY (BP_SYM (memset)) ENTER pushl %edi movl DEST(%esp), %edi movl LEN(%esp), %edx + CHECK_BOUNDS_BOTH_WIDE (%edi, DEST(%esp), %edx) #if BZERO_P xorl %eax, %eax /* we fill with 0 */ #else movb CHR(%esp), %al - movb %al, %ah movl %eax, %ecx shll $16, %eax @@ -101,7 +102,8 @@ L(2): shrl $2, %ecx /* convert byte count to longword count */ #if !BZERO_P /* Load result (only if used as memset). */ - movl DEST(%esp), %eax + movl DEST(%esp), %eax /* start address of destination is result */ + RETURN_BOUNDED_POINTER (DEST(%esp)) #endif popl %edi @@ -111,4 +113,4 @@ L(2): shrl $2, %ecx /* convert byte count to longword count */ #else RET_PTR #endif -END (memset) +END (BP_SYM (memset)) diff --git a/sysdeps/i386/i586/rshift.S b/sysdeps/i386/i586/rshift.S index 00b4cb710e..e82f17555d 100644 --- a/sysdeps/i386/i586/rshift.S +++ b/sysdeps/i386/i586/rshift.S @@ -19,6 +19,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -28,7 +29,7 @@ #define CNT SIZE+4 .text -ENTRY(__mpn_rshift) +ENTRY (BP_SYM (__mpn_rshift)) ENTER pushl %edi @@ -40,6 +41,12 @@ ENTRY(__mpn_rshift) movl S(%esp),%esi movl SIZE(%esp),%ebx movl CNT(%esp),%ecx +#if __BOUNDED_POINTERS__ + shll $2, %ebx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ebx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S(%esp), %ebx) + shrl $2, %ebx +#endif /* We can use faster code for shift-by-1 under certain conditions. */ cmp $1,%ecx @@ -222,4 +229,4 @@ L(L1): movl %edx,(%edi) /* store last limb */ LEAVE ret -END(__mpn_rshift) +END (BP_SYM (__mpn_rshift)) diff --git a/sysdeps/i386/i586/strchr.S b/sysdeps/i386/i586/strchr.S index bf351f605e..bff1b8a84a 100644 --- a/sysdeps/i386/i586/strchr.S +++ b/sysdeps/i386/i586/strchr.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* This version is especially optimized for the i586 (and following?) @@ -42,7 +43,7 @@ #define CHR STR+PTR_SIZE .text -ENTRY (strchr) +ENTRY (BP_SYM (strchr)) ENTER pushl %edi /* Save callee-safe registers. */ @@ -53,6 +54,7 @@ ENTRY (strchr) movl STR(%esp), %eax movl CHR(%esp), %edx + CHECK_BOUNDS_LOW (%eax, STR(%esp)) movl %eax, %edi /* duplicate string pointer for later */ xorl %ecx, %ecx /* clear %ecx */ @@ -279,7 +281,9 @@ L(5): subl $4, %eax /* adjust pointer */ incl %eax /* increment pointer */ -L(2): popl %ebp /* restore saved registers */ +L(2): CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) + popl %ebp /* restore saved registers */ popl %ebx popl %esi @@ -321,8 +325,8 @@ L(4): subl $4, %eax /* adjust pointer */ cmpb %dl, %ch /* fourth byte == C? */ je L(2) /* yes => return pointer */ -L(3): xorl %eax, %eax /* set return value = NULL */ - +L(3): xorl %eax, %eax + RETURN_NULL_BOUNDED_POINTER popl %ebp /* restore saved registers */ popl %ebx @@ -331,7 +335,7 @@ L(3): xorl %eax, %eax /* set return value = NULL */ LEAVE RET_PTR -END (strchr) +END (BP_SYM (strchr)) #undef index -weak_alias (strchr, index) +weak_alias (BP_SYM (strchr), BP_SYM (index)) diff --git a/sysdeps/i386/i586/strcpy.S b/sysdeps/i386/i586/strcpy.S index a48fbb68f8..03c4e77354 100644 --- a/sysdeps/i386/i586/strcpy.S +++ b/sysdeps/i386/i586/strcpy.S @@ -20,6 +20,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+12 /* space for 3 saved regs */ @@ -34,7 +35,7 @@ #define magic 0xfefefeff .text -ENTRY(STRCPY) +ENTRY (BP_SYM (STRCPY)) ENTER pushl %edi @@ -43,6 +44,8 @@ ENTRY(STRCPY) movl DEST(%esp), %edi movl SRC(%esp), %esi + CHECK_BOUNDS_LOW (%edi, DEST(%esp)) + CHECK_BOUNDS_LOW (%esi, SRC(%esp)) xorl %eax, %eax leal -1(%esi), %ecx @@ -142,15 +145,17 @@ L(4): movb %dl, (%edi) L(end): movb %ah, (%edi) L(end2): + /* GKM FIXME: check high bounds */ #ifdef USE_AS_STPCPY movl %edi, %eax #else movl DEST(%esp), %eax #endif + RETURN_BOUNDED_POINTER (DEST(%esp)) popl %ebx popl %esi popl %edi LEAVE RET_PTR -END(STRCPY) +END (BP_SYM (STRCPY)) diff --git a/sysdeps/i386/i586/strlen.S b/sysdeps/i386/i586/strlen.S index e2771268ed..6af9da9c41 100644 --- a/sysdeps/i386/i586/strlen.S +++ b/sysdeps/i386/i586/strlen.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* This version is especially optimized for the i586 (and following?) @@ -40,10 +41,11 @@ #define STR PARMS .text -ENTRY(strlen) +ENTRY (BP_SYM (strlen)) ENTER movl STR(%esp), %eax + CHECK_BOUNDS_LOW (%eax, STR(%esp)) movl $3, %edx /* load mask (= 3) */ andl %eax, %edx /* separate last two bits of address */ @@ -177,9 +179,10 @@ L(3): subl $4, %eax /* correct too early pointer increment */ incl %eax /* increment pointer */ -L(2): subl STR(%esp), %eax /* now compute the length as difference +L(2): CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + subl STR(%esp), %eax /* now compute the length as difference between start and terminating NUL character */ LEAVE ret -END (strlen) +END (BP_SYM (strlen)) diff --git a/sysdeps/i386/i586/sub_n.S b/sysdeps/i386/i586/sub_n.S index fcb13f114b..0b5de929d9 100644 --- a/sysdeps/i386/i586/sub_n.S +++ b/sysdeps/i386/i586/sub_n.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -29,7 +30,7 @@ #define SIZE S2+PTR_SIZE .text -ENTRY(__mpn_sub_n) +ENTRY (BP_SYM (__mpn_sub_n)) ENTER pushl %edi @@ -41,7 +42,13 @@ ENTRY(__mpn_sub_n) movl S1(%esp),%esi movl S2(%esp),%ebx movl SIZE(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %ecx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%ebx, S2(%esp), %ecx) + shrl $2, %ecx +#endif movl (%ebx),%ebp decl %ecx @@ -127,4 +134,4 @@ L(end2): LEAVE ret -END(__mpn_sub_n) +END (BP_SYM (__mpn_sub_n)) diff --git a/sysdeps/i386/i686/add_n.S b/sysdeps/i386/i686/add_n.S index 45e1284b1b..0b0684f931 100644 --- a/sysdeps/i386/i686/add_n.S +++ b/sysdeps/i386/i686/add_n.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+8 /* space for 2 saved regs */ @@ -33,7 +34,7 @@ L(1): addl (%esp), %eax ret #endif -ENTRY(__mpn_add_n) +ENTRY (BP_SYM (__mpn_add_n)) ENTER pushl %edi @@ -43,7 +44,13 @@ ENTRY(__mpn_add_n) movl S1(%esp),%esi movl S2(%esp),%edx movl SIZE(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %ecx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%edx, S2(%esp), %ecx) + shrl $2, %ecx +#endif movl %ecx,%eax shrl $3,%ecx /* compute count for unrolled loop */ negl %eax @@ -104,4 +111,4 @@ L(oop): movl (%esi),%eax LEAVE ret -END(__mpn_add_n) +END (BP_SYM (__mpn_add_n)) diff --git a/sysdeps/i386/i686/bzero.S b/sysdeps/i386/i686/bzero.S index 34b0faa91b..c1e4a6d50e 100644 --- a/sysdeps/i386/i686/bzero.S +++ b/sysdeps/i386/i686/bzero.S @@ -1,3 +1,3 @@ #define memset __bzero #include <sysdeps/i386/i686/memset.S> -weak_alias (__bzero, bzero) +weak_alias (BP_SYM (__bzero), BP_SYM (bzero)) diff --git a/sysdeps/i386/i686/memcpy.S b/sysdeps/i386/i686/memcpy.S index 8e8cc41fbc..cf836f438f 100644 --- a/sysdeps/i386/i686/memcpy.S +++ b/sysdeps/i386/i686/memcpy.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -30,7 +31,7 @@ #define LEN SRC+PTR_SIZE .text -ENTRY(memcpy) +ENTRY (BP_SYM (memcpy)) ENTER movl LEN(%esp), %ecx @@ -38,6 +39,9 @@ ENTRY(memcpy) movl DEST(%esp), %edi movl %esi, %edx movl SRC(%esp), %esi + CHECK_BOUNDS_BOTH_WIDE (%edi, DEST(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, SRC(%esp), %ecx) + cld shrl $1, %ecx jnc 1f @@ -50,7 +54,8 @@ ENTRY(memcpy) movl %eax, %edi movl %edx, %esi movl DEST(%esp), %eax + RETURN_BOUNDED_POINTER (DEST(%esp)) LEAVE RET_PTR -END(memcpy) +END (BP_SYM (memcpy)) diff --git a/sysdeps/i386/i686/mempcpy.S b/sysdeps/i386/i686/mempcpy.S index c851d06d44..685c599742 100644 --- a/sysdeps/i386/i686/mempcpy.S +++ b/sysdeps/i386/i686/mempcpy.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -30,14 +31,16 @@ #define LEN SRC+PTR_SIZE .text -ENTRY(__mempcpy) +ENTRY (BP_SYM (__mempcpy)) ENTER movl LEN(%esp), %ecx movl %edi, %eax movl DEST(%esp), %edi + CHECK_BOUNDS_BOTH_WIDE (%edi, DEST(%esp), %ecx) movl %esi, %edx movl SRC(%esp), %esi + CHECK_BOUNDS_BOTH_WIDE (%esi, SRC(%esp), %ecx) cld shrl $1, %ecx jnc 1f @@ -49,8 +52,9 @@ ENTRY(__mempcpy) movsl xchgl %edi, %eax movl %edx, %esi + RETURN_BOUNDED_POINTER (DEST(%esp)) LEAVE RET_PTR -END(__mempcpy) -weak_alias (__mempcpy, mempcpy) +END (BP_SYM (__mempcpy)) +weak_alias (BP_SYM (__mempcpy), BP_SYM (mempcpy)) diff --git a/sysdeps/i386/i686/memset.S b/sysdeps/i386/i686/memset.S index 74ce87bfc7..98ba39d3d0 100644 --- a/sysdeps/i386/i686/memset.S +++ b/sysdeps/i386/i686/memset.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* BEWARE: `#ifdef memset' means that memset is redefined as `bzero' */ @@ -38,13 +39,14 @@ #endif .text -ENTRY (memset) +ENTRY (BP_SYM (memset)) ENTER cld pushl %edi movl DEST(%esp), %edx movl LEN(%esp), %ecx + CHECK_BOUNDS_BOTH_WIDE (%edx, DEST(%esp), %ecx) #if BZERO_P xorl %eax, %eax /* fill with 0 */ #else @@ -79,7 +81,8 @@ ENTRY (memset) 1: #if !BZERO_P - movl DEST(%esp), %eax + movl DEST(%esp), %eax /* start address of destination is result */ + RETURN_BOUNDED_POINTER (DEST(%esp)) #endif popl %edi @@ -89,4 +92,4 @@ ENTRY (memset) #else RET_PTR #endif -END (memset) +END (BP_SYM (memset)) diff --git a/sysdeps/i386/i686/strcmp.S b/sysdeps/i386/i686/strcmp.S index efda8515aa..b353db7e9d 100644 --- a/sysdeps/i386/i686/strcmp.S +++ b/sysdeps/i386/i686/strcmp.S @@ -20,6 +20,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -27,27 +28,37 @@ #define STR2 STR1+PTR_SIZE .text -ENTRY (strcmp) +ENTRY (BP_SYM (strcmp)) ENTER movl STR1(%esp), %ecx movl STR2(%esp), %edx + CHECK_BOUNDS_LOW (%ecx, STR1(%esp)) + CHECK_BOUNDS_LOW (%edx, STR2(%esp)) L(oop): movb (%ecx), %al - incl %ecx cmpb (%edx), %al jne L(neq) + incl %ecx incl %edx testb %al, %al jnz L(oop) xorl %eax, %eax + /* when strings are equal, pointers rest one beyond + the end of the NUL terminators. */ + CHECK_BOUNDS_HIGH (%ecx, STR1(%esp), jbe) + CHECK_BOUNDS_HIGH (%edx, STR2(%esp), jbe) jmp L(out) L(neq): movl $1, %eax - ja L(out) + ja L(chk) negl %eax + /* When strings differ, pointers rest on + the unequal characters. */ +L(chk): CHECK_BOUNDS_HIGH (%ecx, STR1(%esp), jb) + CHECK_BOUNDS_HIGH (%edx, STR2(%esp), jb) L(out): LEAVE ret -END (strcmp) +END (BP_SYM (strcmp)) diff --git a/sysdeps/i386/i686/strtok.S b/sysdeps/i386/i686/strtok.S index 18aa7c8c7b..96b3b5dc33 100644 --- a/sysdeps/i386/i686/strtok.S +++ b/sysdeps/i386/i686/strtok.S @@ -1,6 +1,6 @@ /* strtok (str, delim) -- Return next DELIM separated token from STR. For Intel 80686. - Copyright (C) 1998 Free Software Foundation, Inc. + Copyright (C) 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998. @@ -21,6 +21,8 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" +#include "bp-asm.h" /* This file can be used for three variants of the strtok function: @@ -45,7 +47,7 @@ save_ptr: .space 4 -#define FUNCTION strtok +#define FUNCTION BP_SYM (strtok) #endif .text @@ -55,7 +57,14 @@ save_ptr: ret #endif -ENTRY (FUNCTION) +#define PARMS LINKAGE /* no space for saved regs */ +#define RTN PARMS +#define STR RTN+RTN_SIZE +#define DELIM STR+PTR_SIZE +#define SAVE DELIM+PTR_SIZE + +ENTRY (BP_SYM (FUNCTION)) + ENTER #if !defined USE_AS_STRTOK_R && defined PIC pushl %ebx /* Save PIC register. */ @@ -226,4 +235,4 @@ L(return): L(returnNULL): xorl %eax, %eax jmp L(return) -END (FUNCTION) +END (BP_SYM (FUNCTION)) diff --git a/sysdeps/i386/i686/strtok_r.S b/sysdeps/i386/i686/strtok_r.S index 70048db2c4..cbaeabbabe 100644 --- a/sysdeps/i386/i686/strtok_r.S +++ b/sysdeps/i386/i686/strtok_r.S @@ -1,4 +1,4 @@ #define FUNCTION __strtok_r #define USE_AS_STRTOK_R 1 #include <sysdeps/i386/i686/strtok.S> -weak_alias (__strtok_r, strtok_r) +weak_alias (BP_SYM (__strtok_r), BP_SYM (strtok_r)) diff --git a/sysdeps/i386/lshift.S b/sysdeps/i386/lshift.S index 2e4c2ca3be..8845665098 100644 --- a/sysdeps/i386/lshift.S +++ b/sysdeps/i386/lshift.S @@ -19,6 +19,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+12 /* space for 3 saved regs */ @@ -28,7 +29,7 @@ #define CNT SIZE+4 .text -ENTRY(__mpn_lshift) +ENTRY (BP_SYM (__mpn_lshift)) ENTER pushl %edi @@ -39,7 +40,12 @@ ENTRY(__mpn_lshift) movl S(%esp),%esi movl SIZE(%esp),%edx movl CNT(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %edx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %edx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S(%esp), %edx) + shrl $2, %edx +#endif subl $4,%esi /* adjust s_ptr */ movl (%esi,%edx,4),%ebx /* read most significant limb */ @@ -84,4 +90,4 @@ L(end): shll %cl,%ebx /* compute least significant limb */ LEAVE ret -END(__mpn_lshift) +END (BP_SYM (__mpn_lshift)) diff --git a/sysdeps/i386/memchr.S b/sysdeps/i386/memchr.S index 80b210737b..9ff412678f 100644 --- a/sysdeps/i386/memchr.S +++ b/sysdeps/i386/memchr.S @@ -32,6 +32,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+8 /* space for 2 saved regs */ @@ -41,7 +42,7 @@ #define LEN CHR+4 .text -ENTRY (memchr) +ENTRY (BP_SYM (memchr)) ENTER /* Save callee-safe registers used in this function. */ @@ -52,6 +53,7 @@ ENTRY (memchr) movl STR(%esp), %eax /* str: pointer to memory block. */ movl CHR(%esp), %edx /* c: byte we are looking for. */ movl LEN(%esp), %esi /* len: length of memory block. */ + CHECK_BOUNDS_BOTH_WIDE (%eax, STR(%esp), %esi) /* If my must not test more than three characters test them one by one. This is especially true for 0. */ @@ -310,10 +312,17 @@ L(8): testb %cl, %cl /* test first byte in dword */ incl %eax /* increment source pointer */ /* No further test needed we we know it is one of the four bytes. */ - -L(9): popl %edi /* pop saved registers */ +L(9): +#if __BOUNDED_POINTERS__ + /* If RTN pointer is phony, don't copy return value into it. */ + movl RTN(%esp), %ecx + testl %ecx, %ecx + jz L(pop) + RETURN_BOUNDED_POINTER (STR(%esp)) +#endif +L(pop): popl %edi /* pop saved registers */ popl %esi LEAVE RET_PTR -END (memchr) +END (BP_SYM (memchr)) diff --git a/sysdeps/i386/memcmp.S b/sysdeps/i386/memcmp.S index a1cbadb621..8d855b9d2a 100644 --- a/sysdeps/i386/memcmp.S +++ b/sysdeps/i386/memcmp.S @@ -19,6 +19,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -27,7 +28,7 @@ #define LEN BLK2+PTR_SIZE .text -ENTRY (memcmp) +ENTRY (BP_SYM (memcmp)) ENTER pushl %esi /* Save callee-safe registers. */ @@ -37,6 +38,8 @@ ENTRY (memcmp) movl BLK1(%esp), %esi movl BLK2(%esp), %edi movl LEN(%esp), %ecx + CHECK_BOUNDS_BOTH_WIDE (%esi, BLK1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%edi, BLK2(%esp), %ecx) cld /* Set direction of comparison. */ @@ -64,7 +67,7 @@ L(1): popl %esi /* Restore registers. */ LEAVE ret -END (memcmp) +END (BP_SYM (memcmp)) #undef bcmp -weak_alias (memcmp, bcmp) +weak_alias (BP_SYM (memcmp), BP_SYM (bcmp)) diff --git a/sysdeps/i386/mul_1.S b/sysdeps/i386/mul_1.S index f5d49540b9..91483eb28e 100644 --- a/sysdeps/i386/mul_1.S +++ b/sysdeps/i386/mul_1.S @@ -20,6 +20,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -34,7 +35,7 @@ #define s2_limb ebx .text -ENTRY(__mpn_mul_1) +ENTRY (BP_SYM (__mpn_mul_1)) ENTER pushl %edi @@ -46,7 +47,13 @@ ENTRY(__mpn_mul_1) movl S1(%esp), %s1_ptr movl SIZE(%esp), %size movl S2LIMB(%esp), %s2_limb - +#if __BOUNDED_POINTERS__ + shll $2, %size /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%res_ptr, RES(%esp), %size) + CHECK_BOUNDS_BOTH_WIDE (%s1_ptr, S1(%esp), %size) + CHECK_BOUNDS_BOTH_WIDE (%s2_limb, S2LIMB(%esp), %size) + shrl $2, %size +#endif leal (%res_ptr,%size,4), %res_ptr leal (%s1_ptr,%size,4), %s1_ptr negl %size @@ -72,4 +79,4 @@ L(oop): LEAVE ret #undef size -END(__mpn_mul_1) +END (BP_SYM (__mpn_mul_1)) diff --git a/sysdeps/i386/rawmemchr.S b/sysdeps/i386/rawmemchr.S index 89ba8d3857..9042ca999b 100644 --- a/sysdeps/i386/rawmemchr.S +++ b/sysdeps/i386/rawmemchr.S @@ -31,6 +31,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -39,7 +40,7 @@ #define CHR STR+PTR_SIZE .text -ENTRY (__rawmemchr) +ENTRY (BP_SYM (__rawmemchr)) ENTER /* Save callee-safe register used in this function. */ @@ -48,6 +49,7 @@ ENTRY (__rawmemchr) /* Load parameters into registers. */ movl STR(%esp), %eax movl CHR(%esp), %edx + CHECK_BOUNDS_LOW (%eax, STR(%esp)) /* At the moment %edx contains C. What we need for the algorithm is C in all bytes of the dword. Avoid @@ -213,9 +215,13 @@ L(8): testb %cl, %cl /* test first byte in dword */ /* No further test needed we we know it is one of the four bytes. */ -L(9): popl %edi /* pop saved register */ +L(9): + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) + popl %edi /* pop saved register */ LEAVE - ret -END (__rawmemchr) -weak_alias (__rawmemchr, rawmemchr) + RET_PTR +END (BP_SYM (__rawmemchr)) + +weak_alias (BP_SYM (__rawmemchr), BP_SYM (rawmemchr)) diff --git a/sysdeps/i386/rshift.S b/sysdeps/i386/rshift.S index c8a6a9feb0..cb6bfc632d 100644 --- a/sysdeps/i386/rshift.S +++ b/sysdeps/i386/rshift.S @@ -19,6 +19,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+12 /* space for 3 saved regs */ @@ -28,7 +29,7 @@ #define CNT SIZE+4 .text -ENTRY(__mpn_rshift) +ENTRY (BP_SYM (__mpn_rshift)) ENTER pushl %edi @@ -39,7 +40,12 @@ ENTRY(__mpn_rshift) movl S(%esp),%esi movl SIZE(%esp),%edx movl CNT(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %edx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %edx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S(%esp), %edx) + shrl $2, %edx +#endif leal -4(%edi,%edx,4),%edi leal (%esi,%edx,4),%esi negl %edx @@ -86,4 +92,4 @@ L(end): shrl %cl,%ebx /* compute most significant limb */ LEAVE ret -END(__mpn_rshift) +END (BP_SYM (__mpn_rshift)) diff --git a/sysdeps/i386/stpcpy.S b/sysdeps/i386/stpcpy.S index f8267c7d1e..f66097f3b9 100644 --- a/sysdeps/i386/stpcpy.S +++ b/sysdeps/i386/stpcpy.S @@ -24,6 +24,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -32,11 +33,13 @@ #define SRC DEST+PTR_SIZE .text -ENTRY (__stpcpy) +ENTRY (BP_SYM (__stpcpy)) ENTER movl DEST(%esp), %eax movl SRC(%esp), %ecx + CHECK_BOUNDS_LOW (%eax, DEST(%esp)) + CHECK_BOUNDS_LOW (%ecx, SRC(%esp)) subl %eax, %ecx /* magic: reduce number of loop variants to one using addressing mode */ @@ -82,9 +85,11 @@ L(1): addl $4, %eax /* increment loop counter */ L(4): incl %eax L(3): incl %eax L(2): + CHECK_BOUNDS_HIGH (%eax, DEST(%esp), jb) + RETURN_BOUNDED_POINTER (DEST(%esp)) LEAVE RET_PTR -END (__stpcpy) +END (BP_SYM (__stpcpy)) -weak_alias (__stpcpy, stpcpy) +weak_alias (BP_SYM (__stpcpy), BP_SYM (stpcpy)) diff --git a/sysdeps/i386/stpncpy.S b/sysdeps/i386/stpncpy.S index cd1a84558f..8ca2c9dccc 100644 --- a/sysdeps/i386/stpncpy.S +++ b/sysdeps/i386/stpncpy.S @@ -26,6 +26,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -35,7 +36,7 @@ #define LEN SRC+PTR_SIZE .text -ENTRY (__stpncpy) +ENTRY (BP_SYM (__stpncpy)) ENTER pushl %esi @@ -43,6 +44,8 @@ ENTRY (__stpncpy) movl DEST(%esp), %eax movl SRC(%esp), %esi movl LEN(%esp), %ecx + CHECK_BOUNDS_LOW (%eax, DEST(%esp)) + CHECK_BOUNDS_LOW (%esi, SRC(%esp)) subl %eax, %esi /* magic: reduce number of loop variants to one using addressing mode */ @@ -137,10 +140,17 @@ L(8): L(3): decl %ecx /* all bytes written? */ jnz L(8) /* no, then again */ -L(9): popl %esi /* restore saved register content */ +L(9): +#if __BOUNDED_POINTERS__ + addl %eax, %esi /* undo magic: %esi now points beyond end of SRC */ + CHECK_BOUNDS_HIGH (%esi, SRC(%esp), jb) + CHECK_BOUNDS_HIGH (%eax, DEST(%esp), jb) + RETURN_BOUNDED_POINTER (DEST(%esp)) +#endif + popl %esi /* restore saved register content */ LEAVE RET_PTR -END (__stpncpy) +END (BP_SYM (__stpncpy)) -weak_alias (__stpncpy, stpncpy) +weak_alias (BP_SYM (__stpncpy), BP_SYM (stpncpy)) diff --git a/sysdeps/i386/strchr.S b/sysdeps/i386/strchr.S index 0bb28bc9be..eeefd04998 100644 --- a/sysdeps/i386/strchr.S +++ b/sysdeps/i386/strchr.S @@ -22,6 +22,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -30,12 +31,13 @@ #define CHR STR+PTR_SIZE .text -ENTRY (strchr) +ENTRY (BP_SYM (strchr)) ENTER pushl %edi /* Save callee-safe registers used here. */ movl STR(%esp), %eax movl CHR(%esp), %edx + CHECK_BOUNDS_LOW (%eax, STR(%esp)) /* At the moment %edx contains C. What we need for the algorithm is C in all bytes of the dword. Avoid @@ -239,7 +241,8 @@ L(11): movl (%eax), %ecx /* get word (= 4 bytes) in question */ jz L(1) /* no NUL found => restart loop */ L(2): /* Return NULL. */ - xorl %eax, %eax /* load NULL in return value register */ + xorl %eax, %eax + RETURN_NULL_BOUNDED_POINTER popl %edi /* restore saved register content */ LEAVE @@ -274,10 +277,13 @@ L(7): testb %cl, %cl /* is first byte C? */ /* It must be in the fourth byte and it cannot be NUL. */ incl %eax -L(6): popl %edi /* restore saved register content */ +L(6): + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) + popl %edi /* restore saved register content */ LEAVE RET_PTR -END (strchr) +END (BP_SYM (strchr)) -weak_alias (strchr, index) +weak_alias (BP_SYM (strchr), BP_SYM (index)) diff --git a/sysdeps/i386/strchrnul.S b/sysdeps/i386/strchrnul.S index 6860a11d7a..d97528d9bd 100644 --- a/sysdeps/i386/strchrnul.S +++ b/sysdeps/i386/strchrnul.S @@ -23,6 +23,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+4 /* space for 1 saved reg */ @@ -31,13 +32,14 @@ #define CHR STR+PTR_SIZE .text -ENTRY (__strchrnul) +ENTRY (BP_SYM (__strchrnul)) ENTER pushl %edi /* Save callee-safe registers used here. */ movl STR(%esp), %eax movl CHR(%esp), %edx + CHECK_BOUNDS_LOW (%eax, STR(%esp)) /* At the moment %edx contains CHR. What we need for the algorithm is CHR in all bytes of the dword. Avoid @@ -269,10 +271,12 @@ L(7): testb %cl, %cl /* is first byte CHR? */ /* It must be in the fourth byte and it cannot be NUL. */ incl %eax -L(6): popl %edi /* restore saved register content */ +L(6): CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) + popl %edi /* restore saved register content */ LEAVE RET_PTR -END (__strchrnul) +END (BP_SYM (__strchrnul)) -weak_alias (__strchrnul, strchrnul) +weak_alias (BP_SYM (__strchrnul), BP_SYM (strchrnul)) diff --git a/sysdeps/i386/strcspn.S b/sysdeps/i386/strcspn.S index e7529a15c8..b3e5d23091 100644 --- a/sysdeps/i386/strcspn.S +++ b/sysdeps/i386/strcspn.S @@ -23,6 +23,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -30,11 +31,12 @@ #define STOP STR+PTR_SIZE .text -ENTRY (strcspn) +ENTRY (BP_SYM (strcspn)) ENTER movl STR(%esp), %edx movl STOP(%esp), %eax + CHECK_BOUNDS_LOW (%edx, STR(%esp)) /* First we create a table with flags for all possible characters. For the ASCII (7bit/8bit) or ISO-8859-X character sets which are @@ -169,11 +171,11 @@ L(3): addl $4, %eax /* adjust pointer for full loop round */ L(6): incl %eax L(5): incl %eax -L(4): subl %edx, %eax /* we have to return the number of valid +L(4): addl $256, %esp /* remove stopset */ + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + subl %edx, %eax /* we have to return the number of valid characters, so compute distance to first non-valid character */ - addl $256, %esp /* remove stopset */ - LEAVE ret -END (strcspn) +END (BP_SYM (strcspn)) diff --git a/sysdeps/i386/strpbrk.S b/sysdeps/i386/strpbrk.S index 59d65540ab..dab1700f15 100644 --- a/sysdeps/i386/strpbrk.S +++ b/sysdeps/i386/strpbrk.S @@ -23,6 +23,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -31,11 +32,12 @@ #define STOP STR+PTR_SIZE .text -ENTRY (strpbrk) +ENTRY (BP_SYM (strpbrk)) ENTER movl STR(%esp), %edx movl STOP(%esp), %eax + CHECK_BOUNDS_LOW (%edx, STR(%esp)) /* First we create a table with flags for all possible characters. For the ASCII (7bit/8bit) or ISO-8859-X character sets which are @@ -172,10 +174,17 @@ L(5): incl %eax L(4): addl $256, %esp /* remove stopset */ + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) orb %cl, %cl /* was last character NUL? */ - jnz L(7) /* no => return pointer */ - xorl %eax, %eax /* return NULL */ + jnz L(7) /* no => return pointer */ + xorl %eax, %eax + RETURN_NULL_BOUNDED_POINTER -L(7): LEAVE + LEAVE RET_PTR -END (strpbrk) + +L(7): RETURN_BOUNDED_POINTER (STR(%esp)) + + LEAVE + RET_PTR +END (BP_SYM (strpbrk)) diff --git a/sysdeps/i386/strrchr.S b/sysdeps/i386/strrchr.S index 328d8b0a09..9f4c27caa0 100644 --- a/sysdeps/i386/strrchr.S +++ b/sysdeps/i386/strrchr.S @@ -22,6 +22,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+8 /* space for 2 saved regs */ @@ -30,7 +31,7 @@ #define CHR STR+PTR_SIZE .text -ENTRY (strrchr) +ENTRY (BP_SYM (strrchr)) ENTER pushl %edi /* Save callee-safe registers used here. */ @@ -39,6 +40,7 @@ ENTRY (strrchr) xorl %eax, %eax movl STR(%esp), %esi movl CHR(%esp), %ecx + CHECK_BOUNDS_LOW (%esi, STR(%esp)) /* At the moment %ecx contains C. What we need for the algorithm is C in all bytes of the dword. Avoid @@ -319,11 +321,13 @@ L(26): testb %dl, %dl /* is third byte == NUL */ jne L(2) /* no => skip */ leal 3(%esi), %eax /* store address as result */ -L(2): popl %esi /* restore saved register content */ +L(2): CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) + popl %esi /* restore saved register content */ popl %edi LEAVE RET_PTR -END (strrchr) +END (BP_SYM (strrchr)) -weak_alias (strrchr, rindex) +weak_alias (BP_SYM (strrchr), BP_SYM (rindex)) diff --git a/sysdeps/i386/strspn.S b/sysdeps/i386/strspn.S index cfd11f0a9f..7d8c82bf95 100644 --- a/sysdeps/i386/strspn.S +++ b/sysdeps/i386/strspn.S @@ -23,6 +23,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE /* no space for saved regs */ @@ -30,11 +31,12 @@ #define SKIP STR+PTR_SIZE .text -ENTRY (strspn) +ENTRY (BP_SYM (strspn)) ENTER movl STR(%esp), %edx movl SKIP(%esp), %eax + CHECK_BOUNDS_LOW (%edx, STR(%esp)) /* First we create a table with flags for all possible characters. For the ASCII (7bit/8bit) or ISO-8859-X character sets which are @@ -169,11 +171,11 @@ L(3): addl $4, %eax /* adjust pointer for full loop round */ L(6): incl %eax L(5): incl %eax -L(4): subl %edx, %eax /* we have to return the number of valid +L(4): addl $256, %esp /* remove stopset */ + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + subl %edx, %eax /* we have to return the number of valid characters, so compute distance to first non-valid character */ - addl $256, %esp /* remove stopset */ - LEAVE ret -END (strspn) +END (BP_SYM (strspn)) diff --git a/sysdeps/i386/strtok.S b/sysdeps/i386/strtok.S index 6fa6cc2d0c..47924b2237 100644 --- a/sysdeps/i386/strtok.S +++ b/sysdeps/i386/strtok.S @@ -21,6 +21,7 @@ #include <sysdep.h> #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" /* This file can be used for three variants of the strtok function: @@ -56,12 +57,13 @@ save_ptr: #define SAVE DELIM+PTR_SIZE .text - -ENTRY (FUNCTION) +ENTRY (BP_SYM (FUNCTION)) ENTER movl STR(%esp), %edx movl DELIM(%esp), %eax + CHECK_BOUNDS_LOW (%edx, STR(%esp)) + CHECK_BOUNDS_LOW (%eax, DELIM(%esp)) #if !defined (USE_AS_STRTOK_R) && defined (PIC) pushl %ebx /* Save PIC register. */ @@ -169,17 +171,17 @@ L(0): L(2): movb (%eax), %cl /* get byte from stopset */ testb %cl, %cl /* is NUL char? */ - jz L(1) /* yes => start compare loop */ + jz L(1_1) /* yes => start compare loop */ movb %cl, (%esp,%ecx) /* set corresponding byte in stopset table */ movb 1(%eax), %cl /* get byte from stopset */ testb $0xff, %cl /* is NUL char? */ - jz L(1) /* yes => start compare loop */ + jz L(1_2) /* yes => start compare loop */ movb %cl, (%esp,%ecx) /* set corresponding byte in stopset table */ movb 2(%eax), %cl /* get byte from stopset */ testb $0xff, %cl /* is NUL char? */ - jz L(1) /* yes => start compare loop */ + jz L(1_3) /* yes => start compare loop */ movb %cl, (%esp,%ecx) /* set corresponding byte in stopset table */ movb 3(%eax), %cl /* get byte from stopset */ @@ -188,7 +190,16 @@ L(2): movb (%eax), %cl /* get byte from stopset */ testb $0xff, %cl /* is NUL char? */ jnz L(2) /* no => process next dword from stopset */ -L(1): leal -4(%edx), %eax /* prepare loop */ +#if __BOUNDED_POINTERS__ + jmp L(1_0) /* pointer is correct for bounds check */ +L(1_3): incl %eax /* adjust pointer for bounds check */ +L(1_2): incl %eax /* ditto */ +L(1_1): incl %eax /* ditto */ +L(1_0): CHECK_BOUNDS_HIGH (%eax, DELIM(%esp), jb) +#else +L(1_3):; L(1_2):; L(1_1): /* fall through */ +#endif + leal -4(%edx), %eax /* prepare loop */ /* We use a neat trick for the following loop. Normally we would have to test for two termination conditions @@ -275,10 +286,19 @@ L(return): popl %ebx # endif #endif +#if __BOUNDED_POINTERS__ + testl %eax, %eax + jz L(ret) + CHECK_BOUNDS_HIGH (%eax, STR(%esp), jb) + RETURN_BOUNDED_POINTER (STR(%esp)) +L(ret): +#endif LEAVE RET_PTR L(returnNULL): xorl %eax, %eax + RETURN_NULL_BOUNDED_POINTER jmp L(return) -END (FUNCTION) + +END (BP_SYM (FUNCTION)) diff --git a/sysdeps/i386/strtok_r.S b/sysdeps/i386/strtok_r.S index c048e41cb6..621093a249 100644 --- a/sysdeps/i386/strtok_r.S +++ b/sysdeps/i386/strtok_r.S @@ -1,4 +1,4 @@ #define FUNCTION __strtok_r #define USE_AS_STRTOK_R 1 #include <sysdeps/i386/strtok.S> -weak_alias (__strtok_r, strtok_r) +weak_alias (BP_SYM (__strtok_r), BP_SYM (strtok_r)) diff --git a/sysdeps/i386/sub_n.S b/sysdeps/i386/sub_n.S index 94cb070504..55f288ef32 100644 --- a/sysdeps/i386/sub_n.S +++ b/sysdeps/i386/sub_n.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+8 /* space for 2 saved regs */ @@ -29,7 +30,7 @@ #define SIZE S2+PTR_SIZE .text -ENTRY(__mpn_sub_n) +ENTRY (BP_SYM (__mpn_sub_n)) ENTER pushl %edi @@ -39,7 +40,13 @@ ENTRY(__mpn_sub_n) movl S1(%esp),%esi movl S2(%esp),%edx movl SIZE(%esp),%ecx - +#if __BOUNDED_POINTERS__ + shll $2, %ecx /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%edi, RES(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%esi, S1(%esp), %ecx) + CHECK_BOUNDS_BOTH_WIDE (%edx, S2(%esp), %ecx) + shrl $2, %ecx +#endif movl %ecx,%eax shrl $3,%ecx /* compute count for unrolled loop */ negl %eax @@ -103,4 +110,4 @@ L(oop): movl (%esi),%eax LEAVE ret -END(__mpn_sub_n) +END (BP_SYM (__mpn_sub_n)) diff --git a/sysdeps/i386/submul_1.S b/sysdeps/i386/submul_1.S index b3c4e42b88..56a015eb4b 100644 --- a/sysdeps/i386/submul_1.S +++ b/sysdeps/i386/submul_1.S @@ -20,6 +20,7 @@ #include "sysdep.h" #include "asm-syntax.h" +#include "bp-sym.h" #include "bp-asm.h" #define PARMS LINKAGE+16 /* space for 4 saved regs */ @@ -34,7 +35,7 @@ #define s2_limb ebx .text -ENTRY(__mpn_submul_1) +ENTRY (BP_SYM (__mpn_submul_1)) ENTER pushl %edi @@ -46,7 +47,13 @@ ENTRY(__mpn_submul_1) movl S1(%esp), %s1_ptr movl SIZE(%esp), %sizeP movl S2LIMB(%esp), %s2_limb - +#if __BOUNDED_POINTERS__ + shll $2, %sizeP /* convert limbs to bytes */ + CHECK_BOUNDS_BOTH_WIDE (%res_ptr, RES(%esp), %sizeP) + CHECK_BOUNDS_BOTH_WIDE (%s1_ptr, S1(%esp), %sizeP) + CHECK_BOUNDS_BOTH_WIDE (%s2_limb, S2LIMB(%esp), %sizeP) + shrl $2, %sizeP +#endif leal (%res_ptr,%sizeP,4), %res_ptr leal (%s1_ptr,%sizeP,4), %s1_ptr negl %sizeP @@ -72,4 +79,4 @@ L(oop): LEAVE ret -END(__mpn_submul_1) +END (BP_SYM (__mpn_submul_1)) |